Digital security expert to carry out the assessment and design security plan for national CSO

Contract

This is a National Consultant contract. More about National Consultant contracts.

Background

FACT is a Christian-based national organisation working in and through partnerships to improve health and reduce poverty among people affected by HIV and related issues in Zimbabwe and beyond. With support from Global Fund through UNDP, FACT was awarded funds to implement a HIV and Resilient and Sustainable Systems for Health (RSSH) interventions in 20 Global Fund Districts in Zimbabwe. The implementation of these interventions is through CSOs/CBOs sub sub recipients (SSRs).

Background to the requested Consultancy Work

FACT has been in existence for the past 30 plus years, and has gone through a number of capacity development initiatives. FACT work with multiple sub grantees and nationwide grassroots systems has been limited growing exponentially. Assuming Sub-Recipient (SR) role has therefore exposed FACT to cross cutting management risk, systems and operational risks, strains and overload and sudden M&E and management inadequacies. As such FACT requested for Capacity Development that is focused on anticipated risks, exposures and opportunities related to FACT’s newly acquired status. This is to ensure that FACT is better prepared to respond and manage the SSRs using virtual platforms. Compounding the risks and exposure is the well documented distance and remoteness of SSRs and communities FACT is working with under this grant. This on its own creates imminent possible management challenges linked to reporting, accountability and oversight. Additional issues for consideration are linked to SSRs and communities of focus. Most target SSRs are going through periods of organizational growth and development. They struggle with basics related to functional and operational systems hence the need to consider a grand capacity development plan for enhanced and prompt systems set up. SSRs and communities need support in efficient and prompt reporting platforms. Capacity building should result in seamless connectivity between SSRs and SR and also between SSRs and community cadres. It should allow loop mechanism for data and report access as part of back up support. FACT identified some gaps for digital security, including for its web-site. As FACT evolves to become more digital and virtual in its operations and engagements, addressing these gaps becomes paramount.

It therefore against this background that FACT is requesting a digital security expert consultant to carry out the assessment and design security and connectivity plan.

Duties and Responsibilities

• Undertake a comprehensive digital security assessment focusing on cybersecurity governance, risk and compliance activities.
• Assess and design security plan that factors FACT connectivity with its SSRs and use of virtual platforms and electronic data collection systems .
• Implement more secure digital measures and processes.
• Asses the organization’s website, assist in making it more secure.

Main Deliverables

• Digital security assessment report
• A Costed Digital Security plan addressing the gaps identified in the assessment plan report

Competencies

Foundational Competencies:

• Commitment,
• Drive for Results
• Embracing Diversity,
• Integrity
• Self-awareness and Self-regulation,
• Teamwork

2**. Functional Competences**

• Leading Vision and Change
• Communication
• Setting Standards, and Monitoring Work
• Strategic and Global Thinking

Required Skills and Experience

Education

• Degree in Computer Science, IT, Systems Engineering, Digital Security or a similar field.

  Experience:

• At least five years’ experience in cyber security-related duties such as incident detection and response, and forensics

• Proven experience of working with CSOs on similar programme related to digital security
• Experience in conducting digital security assessment for Organisations
• Experience designing and implementing digital security plans
• Experience in communication, documentation and in developing high quality reports;

Language Requirements:

• Fluency in spoken and written English.

Scope of Price Proposal and Schedule of Payments

The consultancy fee will be determined on a lump sum basis. The lump sum amount must be all-inclusive and the contract price must be fixed regardless of changes in the cost components. Payment will be made upon completion of all key deliverables. The expected duration of the work is a Maximum of 10 full days.

How to apply

Apply online as instructed.

The EoI must include the following:

Technical proposal: a cover letter and updated Curriculum Vitae (2 pages maximum); a technical proposal (max. 4 pages) summarizing the approach and the proposed tools to be used. Work plan with the expected number of working days; and, List of evidence of similar work done and experience to undertake the assignment.

Financial proposal: - asking rate (fees) in USD per workday. Should be all-inclusive.

Evaluation Criteria

Candidates will be evaluated using a combined scoring method with the qualifications and methodology weighted at 80% and the price offer weighted at 20%. Only candidates obtaining a minimum of 55%+ (out of 80%) points on the technical qualifications part will be considered for the Financial Evaluation.Criteria for evaluation of qualifications, experience and methodology (80% points maximum):

• Relevance of education to the consultancy (15)
• At least five years’ experience in cyber security-related duties such as incident detection and response, and forensics (20)
• Proven experience of working with CSOs on similar programme related to digital security (15)
• Experience in conducting digital security assessment for Organisations (15)
• Experience designing and implementing digital security plans (15)
• Criteria for financial evaluation (20 points maximum)